As organizations move from single-model AI applications to autonomous, tool-calling agents, the nature of supply chain risk has fundamentally changed. A traditional software supply chain is largely static and resolved at build time. An agentic AI supply chain is dynamic — a model can discover and invoke a new tool, plugin, or external service at runtime, often without a human reviewing that decision.
This session walks through the full anatomy of the agentic supply chain: foundation models and their training data provenance, third-party tool and plugin ecosystems, MCP servers and external API integrations, and the trust assumptions made when one agent's output becomes another agent's input. Specific attention is given to model provenance verification, tool and plugin vetting frameworks, RAG and vector store poisoning, agent-to-agent authentication, and the emerging concept of an AI Bill of Materials (AI-BOM) as an extension of traditional SBOM practices.
The session closes with a practical implementation roadmap and a mapping of agentic supply chain controls to existing frameworks including NIST AI RMF, ISO/IEC 42001, the EU AI Act, and SOC 2 — so attendees can build this work into governance programs they may already have in place, rather than starting from zero.
Agentic AI systems no longer just answer questions — they call tools, invoke third-party plugins, query external MCP servers, and increasingly coordinate with other autonomous agents to complete tasks. Every one of those connections is a dependency, and most security and compliance programs have not yet caught up to the fact that this web of dependencies is now part of their supply chain.
This webinar equips security leaders, compliance officers, and risk managers with a practical framework for identifying, assessing, and governing the supply chain risk introduced by agentic AI. Attendees will leave with a clear understanding of where trust breaks down in multi-agent and tool-calling systems, how attackers are already exploiting these gaps, and what controls and governance structures are available today to close them.
Mohammed is a security and DevSecOps professional with deep experience helping organizations strengthen their security posture across modern, cloud-native environments. His work centers on bridging security, engineering, and operations to enable scalable, resilient, and secure systems in complex enterprise ecosystems.
He is an active contributor to the global technology community and a frequent speaker at leading industry conferences and platforms, including DEF CON, Black Hat, KubeCon (Paris), ISACA, IANS, and Wallarm, among others. He is also regularly invited to serve as a technical session judge, where he brings practical insight and industry rigor to evaluating emerging ideas and innovations.
He maintains strong ties with academia and thought leadership. He contributes research associated with Harvard University, publishing work that advances discussions on modern security practices, governance, and risk management. He is a member of the Harvard Business Review Advisory Council, where he supports collaboration between industry and academia and promotes knowledge sharing and innovation.
His work has a global dimension through his role on the Global Advisory Board of VigiTrust Limited (Dublin, Ireland), where he contributes to international strategies in cybersecurity, data protection, and risk management. He holds numerous industry certifications that reflect the breadth and depth of his expertise in security and cloud technologies.
He is the author of Cloud-Native DevOps, a practical guide to building scalable, reliable, and secure cloud-native applications. The book draws on real-world experience to cover modern DevOps and DevSecOps practices, containers, CI/CD pipelines, and security integration in cloud-native architectures.
His areas of focus include cybersecurity, cloud-native technologies, DevSecOps, risk management, and the role of AI in cloud-native ecosystems. Beyond his professional work, he brings a range of interests and perspectives that inform his leadership and thought leadership.